Archive pour novembre 2013

The recent kidnapping and killing of Ghislaine Dupont and Claude Verlon, two French journalists for Radio France International (RFI), in Mali is creating an uproar in the profession and beyond. Only for 2012, 88 journalists have been killed, according to Reporters Sans Frontières, compared to 33 in “black year” 2009 (including war coverage veterans such as Anthony Shadid of The New York Times and Marie Colvin of Britain’s Sunday Time in Syria). This count is tragically fitting with the increasing figures compiled by the global network for free expression, IFEX, with data from different members of its extensive network (RSF, CPJ, IFJ, IPI, WAN-DFRA, WIPC).

The methods used range from kidnapping, hostage-taking, abduction, torture to gunning down… not to mention intimidation, imprisonment, surveillance, reprisals, court summons, confiscation of material, obligation to reveal sources and overall harassment. They show that journalists are increasingly treated as enemies or information soldiers as it were and, consequently, become a prime target. This situation contravenes human rights as it is a profession which, together with humanitarians, is generally protected by the (revised) Geneva Conventions of 1949 (journalists working independently have the same status as civilians). The motives for murdering them differ between attacks occurring during active conflict or during peacetime: in the first case, it is about silencing witnesses and creating chilling effects on expression in the population at large; in the second case, it is about ending investigations on corruption, organized crime and other illegal activities, not to mention reporting on human rights contraventions and expressing dissent on government activities. In both cases though, journalists are often alone, due to the conflictive situations they investigate, that imply to infiltrate the different parties at stake, like the rebels in Syria or the smugglers in organized crime.

Due to these escalating conditions, the fate of journalists must become an international cause as it is directly connected to censorship and chilling effects on freedom of expression. In the case of the French journalists as in many previous others, establishing the method and motive for the murders with greater precision remains to be done, and this task is often much less mediatized. Yet the real scandal behind the killings is the under-reported and under-investigated cases, especially in highly militarized countries or in fractured geopolitical areas such as North Mali or Baluchistan, not to mention Syria and Somalia where the civil war fractures are internally disruptive.

Some progress has been done since 2008, when UNESCO adopted a Decision on the Safety of Journalists and the Issue of Impunity, giving its International Programme for the Development of Communication (IPDC) a central role in monitoring the follow-up of killings condemned by the Director General. It urges Member States to end impunity, and to inform the Director-General, on a voluntary basis, of the actions taken to prevent it, as well as on the status of the judicial inquiries conducted on each of the reported killings. Every two years the Director-General submits to the IPDC Council a report on The Safety of Journalists and the Danger of Impunity as a monitoring tool. Following another decision by the IPDC Council in 2010, a UN inter-agency plan of action on the safety of journalists and the issue of impunity was developed, during the first UN Inter-agency meeting held at UNESCO in September 2011. The UN Plan of Action was fully endorsed by the UN Chief Executives Board in April 2012 and a plan has been set up to produce concrete strategies by 2013-14.

While this monitoring work is in progress, some authoritarian regimes and some states at war are not likely to adopt good practices to fight the very impunity that protects their own wrong doings. Such countries don’t consider freedom of expression as an enabler of development or of democracy. They don’t see the killing of journalists as an attack on human rights and a blemish on their own image but mostly as real politik in a context that they seek to control totally, especially as the Arab Spring events have shown that international journalists were receiving help from national bloggers who sent data via the social networks to inform the global public opinion of the bleakness of their situation.

The solution of civil society monitoring remains the most efficient to date. Besides IFEX, the Freedom House Index (created in 1979) for instance monitors countries on three basic criteria: the legal context (laws that impact media content or allow restrictions on media operations), political influence (laws that foster state control over media) and economic pressures (laws on barriers of entry, corruption opportunities). The ranking scores are published regularly and provide an assessment of the constraints on press freedom. They are made available to civil society organisations, activists, professionals and decision-makers. While not stopping the killings, such tools point to non-democratic practices that can then be used locally to fight for progress and redress. To date, more than forty countries in regions such as Asia, the Middle East and Africa can be considered as enemies of the press, with restrictive if not lethal actions on journalists.

In such countries, the fight against impunity rests with the growth of advocacy groups from within civil society and the international awareness of risks to journalists in the face of new modes of transborder conflicts. International pressure against impunity can use the UN framework as well as the international monitoring tools but it must move more intensely to procedural guarantees and sanctions if need be as for any human rights violation. But above all, the press should serve itself first, and cover the investigations on journalist killings, even when states don’t comply readily with appropriate processes and enforcement mechanisms. Journalists are citizens whose rights, when denied, impact civil liberties of all sorts and erode freedom of expression for all.

Internet has enabled the possibility of ubiquitous networks,in which information processing has been integrated into everyday objects to enable seamless activities without users being aware of it (via smartphones, mobiles…). The current PRISM scandal has alerted public opinion about the extent and the abuses of such a ubiquitous surveillance that seems difficult to stem in spite of growing claims in favour of augmented privacy… unless a reciprocal principle of ubiquitous transparency is set up. Transparency reports are only the beginning of this process, and they have the merit of pointing at the risks to democracy if surveillance is allowed to go rampant.

The risks of transparency erosion

When transparency and accountability are lacking, the risks are numerous, at all levels of governance. The very technical foundations of the Internet may be affected or even undermined if governments develop their own security mechanisms to circumvent the existing ones. Hacking strategies, scrambling systems, encryption, sensors and viruses of all kinds can impact the architecture of the net. They can also induce competing states to engage in a cyberwar that may be damaging for the transborder advantages of the current Internet as a critical resource for development. They can modify the broadband infrastructure layer that connects networks and routers and reduce the scope and security at the core of the Internet backbone, which can have deep implications for policy perspectives.

A larger risk lies in the impact of erosion on the global interoperability and openness of the Internet, two principles that have laid the foundations of digital value for the world community at large. Technically, interoperability requires attention to standards at the design level of a programme and can have significant impact on usability, with economic, political and social consequences; openness combines the technical layer and the legal and content layer of freedom of expression and right to information (against censorship and surveillance). They both are becoming pillars of governance and jeopardizing them may lead to Internet mayhem.

The risk of conflict of interest is also quite present, as always when industry gets involved in policy-making. The pure players lobbies are being quite active to frame and shape legal decisions worldwide, not just in the USA, as exemplified by the EU-US negotiations on data protection agreement and the generalized spying on political leaders and European economic groups revealed by PRISM. The political and social costs of transparency erosion can also lead to lack of public deliberation and have a chilling effect on expression; it can also have inhibiting effects on creativity and productivity (self-censorship).

The solutions towards ubiquitous transparency and accountability

Such risks point to a need to review confusing standards that have been interpreted inconsistently by the courts, creating uncertainty for service providers, law enforcement agencies and users at large. The new context of PRISM and general surveillance has had the positive effect of re-engaging national governments in regulation, of focusing policy-making on to accountability claims and of reframing some of the norms by which the netroots can influence policy effectively, with increased obligations for reporting. The problem needs to be addressed at several levels of intervention, that have started before PRISM but for which PRISM can be a meaningful catalyst: the right to information, the regulatory authority, the peer-to-peer leveraging of civil society and finally media and information literacy for the larger empowerment of the public.

1/ The Right to Information (RTI)

In recent years, the Right to Information has been successfully construed as a complement to the right to freedom of expression. The purpose, amongst others, is to promote transparency and open information flows in certain sectors such as information related to scientific information, environmental matters, public budgets, extractive industries and the use of natural resources. Internet as a critical resource could be added to that list.

The RTI framework is characterized by a number of principles that could be used for transparency reports: maximum disclosure, obligation for public bodies to publish key information, limited scope of exceptions, processes to facilitate access to government-held information, open meetings, disclosure taking precedence over secrecy laws, protection for whistleblowers, together with low costs for information access, and the promotion of open government. Additional actors have come under the scope of RTI since the 1990s, such as companies that are owned or controlled by the state and private entities that perform a public function or are recipients of substantial government funding. This should be extended to include the pure players as well as the Telco’s and the ISPs (see Frau-Meigs, UNESCO “Exploring the Evolving Mediascape” report, 2013 available here).

2/Public-interest regulatory authority

There is a need for a mechanism or instrument that ensures that transparency reports are produced with clear criteria and with independence (far from the pressure of media, politics or economics). Going for a policy-making mechanism may mean to look at existing regulatory agencies because governments are not willing to create new institutions. It is important to identify national and intergovernmental monitoring bodies, at regional level to provide for cooperative, multi-stakeholder spaces.

Citizens need sense-making mechanisms for looking at the data or else the statistics will just be unused and will put in the shadow other important issues, such as terms of service (that can be problematic for the private sector). The reports from different actors/Stakeholders need to be created as a standard setting process. They have to be organised according to objectives and circumstances duly described by the law, as well as the suspected crimes by nature, by service (asking for interception), by operator (on the territory and also outside) and also by decision (suppression, acceptation, effect or not). All reports should be public (they are not in all countries, including the USA). And citizens should have the right to complain, in public court or bureau, with violations reviewed in adversary proceedings.

3/ Peer-to-Peer leveraging

Fears about mass data surveillance have preoccupied civil society for a while, especially after media disclosures of such non-military spying programmes as ECHELON (1988) and STELLARWIND (2008). As a result of these early disclosures, P2P technology was developed to empower individuals to protect themselves. P2P enables the repurposing of innovations made for completely different reasons. End-users can create solutions to counter the threat, thus fully exerting their right of leverage. The computer community has released several strong cryptographic software tools such as Pretty Good Privacy (PGP), in response to government pressure. Making cryptography available online, especially via PGP that works on open standards, can redirect the control over privacy protection from the government to the end-users.

P2P leveraging can also be exerted offline, as creative solutions are also being set up by the netroots at the political and legal level of intervention. Civil society movements such as “Restore the Fourth” have emerged to denounce the onslaught on individual privacy, to restore due process about unreasonable searches and seizures and to hold public officials accountable if responsible for undue surveillance. Watchdog Organisations such as The Electronic Frontier Foundation have filed lawsuits against the NSA to end unconstitutional surveillance; others such as Transparency International, Human Rights Watch and Amnesty International have called attention to the case of windblowers and the need to protect them, as in the case of Snowden, bereft in Russia for lack of a proper solution.

4 /Media and Information Literacy (MIL)

The current civic apathy of the larger public can be turned into civic agency by early exposure to Media and Information Literacy. Education takes time and its results are not easily and quickly seen, which explains partly the slow move by governments to implement MIL programmes in schools. Yet education is the best filter and it provides for the possibility for self-protection against intrusion and disclosure. It also encourages young people to practice peer-transparency and to request for accountability from politicians and businesses alike.

With this repertoire of strategies, transparency could thus be less ideological and more pragmatically effected. Yet Transparency 2.0 will remain a dystopian view if not sustained by accountability in Internet governance. Accountability needs to be construed as a normative notion, as an obligation to perform and report, so that citizens can see as much of their leaders as their leaders can see of them. Accountability would then be based on democratic consent and its underlying human rights values.

The year 2013, via scandals like PRISM and Offshore Leaks, has made it apparent that governments and businesses endeavour to circumvent Internet security mechanisms beyond what is expected of their roles and missions. The threat to public trust and to protection of human rights is being attenuated by a flurry of transparency claims and reports.

There are two ways of dealing with transparency today: 1/ by operator (that tends to look at consumer issues and government requests) or 2/ by regulatory agency (that considers issues such as safety, security, terror, etc., according to their finalities and the implicated services). Strikingly absent from the debate are the Telco’s and the Internet Service Providers (ISPs). The strengths and weaknesses of these reports depend on the motivation and legitimacy of the agencies that provide and promote them.

The responsibility and accountability of private sector entities is engaged in unprecedented ways in the digital world. The economy of the broadband media is basically built on personal data-mining by unrelated third parties, which implies having access to the expression of users for developing new services and for making business based on direct marketing purposes. The consensus currently accepted is that calling on their social responsibility can be done in a framework of self-regulation in which good practices are encouraged. This is the case with the Global Network Initiative created in 2008 to protect and advance freedom of expression and privacy, composed of ICT sector companies and civil society organizations (including human rights groups). Only four major American corporations (Google, Microsoft, Facebook and Yahoo!) were involved at the start, with a vested interest in promoting their image for transparency and in maintaining state intervention at bay. The snowball effect of the initiative is such that other pure player companies (Apple, Twitter, Dropbox, LinkedIn, etc.) have been induced to join the move, especially as their compliant role in the PRISM surveillance of customers is hotly under public scrutiny.

Google was the first to start publishing its “Transparency Report”, in 2009-10, before the scandal emerged. The reports show government requirements to take down information (blogs, images…) and reveals statistical patterns of traffic per requesting country (not by country requested). They give an idea of the priorities of business that they cover: government interventions (in all countries), requests to take down for copyright infringement, requests about users:

it is mostly connected to industry competition and Google-centred (YouTube and Google take downs)

it doesn’t give its criteria, its internal procedures and provides no information about NSA requests and Google’s level of compliance with them

it sends the reader to ECPA due process (an American legal framework is assumed here, not international)

it provides a semblance of seamless (self)regulation and doesn’t show the role of lobbies but also of social networks in the number of requests (case of Brazil for instance).

Google presents itself as the defender of the user first (in the section where it describes its refusal to take down for instance) but doesn’t give its reasons for refusing or agreeing to remove content. As often with transparency, what is not under the light is not visible, so nothing really indicates where Google stands with regard to government requests of a secret nature as revealed by PRISM scandal. Besides, statistics by single operators are not very illuminating and tend to be boring. Trust is not secured because the operator is both judge and party and there is no real transparency on its procedures. Google and other pure players have since been reactive to growing criticism by petitioning the government in order to be able to say more about FISA (Foreign Intelligence Surveillance Act), including section 702 (on foreign surveillance programmes like PRISM).

The CNCIS, created in 1993, gives the perspective of governments and their priorities in what such an agency can cover. In France, 3 majors motives appear: criminality prevention (50% of requests), national security (30%), terrorism (20%). This government perspective tends to provide a procedural approach besides the usual statistics (in relation to services and objectives including data traffic and anti-terrorist requests):

it shows the field not covered by French law on secrecy of messages and mail and its exceptions while being out of its competence (including French equivalent to PRISM for “mass” surveillance which is “extralegal”, CNCIS being competent on targeting surveillance)

it provides too short a comparison with other countries but points to possible exchanges and reciprocal training…

it is informative, with a good description of criteria and their relation to due process and the law.

The reports also point to a certain amount of good practices:

a posteriori and a priori surveillance can be interrupted

continuous control is applied, even of accepted interceptions, at random, to ensure that the legal procedure is respected

a priori control of the decisions to intercept is activated (even in case of “urgence absolue”), which often allows dialogue between various services

the capacity for quick response is ensured (less than an hour to evaluate “urgence absolue” requests), and a 24/24 hotline is maintained

decision-makers are audited by the CNCIS council, to keep dialogue and ensure accountability.

The government reports point to a concern against disproportionate requests or lack of legitimacy of procedures that could be conducted by other means such as local investigation. They lack nonetheless the relation to the general public, that seems to be absent from the procedure, as there doesn’t seem to be place for an ombudsmen or a formal complaints bureau (for people to ask for information about them).

Both types of reports reveal a certain amount of strengths and weaknesses in transparency that leave way for improvement and for a more general and shareable transparency template:

the need to define what one is to be transparent about: the status of chats, forums or blogs is not clear for instance, and so it is difficult to assess if such forms of communications should/ought/could lend themselves to interception…

the determination of the type of crimes that can legitimate interception is still unclear

there is an urgent need for clarification between national interests (very large and general) and national security (that often deals with terrorism).

In fact, transparency is used as a kind of mantra, but seems to have become an ideology, much as secrecy (its reverse) was in the last century. However, unless full reciprocal transparency can be guaranteed, it is a dystopian goal, because it creates new ways of cheating with information, new imbalances, new disparities and discrepancies. Taking into account the two-faced activities of the worthy and the wicked, we need to acknowledge the moral ambiguity of transparency 2.0. It might be less naïve and more effective to refer to accountability rather than to transparency: it is not about saying everything all the time, it is about ensuring procedural fairness, access to information and reparation of torts and damages when applicable. In that context, the full interest of the public, as consumer and citizen, can be taken into account, and ensure trust.